diff options
Diffstat (limited to 'src/conf-mode/vyos-config-ntp.py')
-rwxr-xr-x | src/conf-mode/vyos-config-ntp.py | 161 |
1 files changed, 0 insertions, 161 deletions
diff --git a/src/conf-mode/vyos-config-ntp.py b/src/conf-mode/vyos-config-ntp.py deleted file mode 100755 index 8be12e44e..000000000 --- a/src/conf-mode/vyos-config-ntp.py +++ /dev/null @@ -1,161 +0,0 @@ -#!/usr/bin/env python3 -# -# Copyright (C) 2018 VyOS maintainers and contributors -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License version 2 or later as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. -# -# - -import sys -import os - -import jinja2 -import ipaddress - -from vyos.config import Config -from vyos import ConfigError - -config_file = r'/etc/ntp.conf' - -# Please be careful if you edit the template. -config_tmpl = """ -### Autogenerated by vyos-config-ntp.py ### - -# -# Non-configurable defaults -# -driftfile /var/lib/ntp/ntp.drift -# By default, only allow ntpd to query time sources, ignore any incoming requests -restrict default ignore -# Local users have unrestricted access, allowing reconfiguration via ntpdc -restrict 127.0.0.1 -restrict -6 ::1 - - -# -# Configurable section -# - -{% if servers -%} -{% for s in servers -%} -# Server configuration for: {{ s.name }} -server {{ s.name }} iburst {{ s.options | join(" ") }} - -{% endfor -%} -{% endif %} - -{% if allowed_networks -%} -{% for n in allowed_networks -%} -# Client configuration for network: {{ n.network }} -restrict {{ n.address }} mask {{ n.netmask }} nomodify notrap nopeer - -{% endfor -%} -{% endif %} - -""" - -default_config_data = { - 'servers': [], - 'allowed_networks': [] -} - -def get_config(): - ntp = default_config_data - conf = Config() - if not conf.exists('system ntp'): - return None - else: - conf.set_level('system ntp') - - if conf.exists('allow-clients address'): - networks = conf.return_values('allow-clients address') - for n in networks: - addr = ipaddress.ip_network(n) - net = { - "network" : n, - "address" : addr.network_address, - "netmask" : addr.netmask - } - - ntp['allowed_networks'].append(net) - - if conf.exists('server'): - for node in conf.list_nodes('server'): - options = [] - server = { - "name": node, - "options": [] - } - if conf.exists('server {0} dynamic'.format(node)): - options.append('dynamic') - if conf.exists('server {0} noselect'.format(node)): - options.append('noselect') - if conf.exists('server {0} preempt'.format(node)): - options.append('preempt') - if conf.exists('server {0} prefer'.format(node)): - options.append('prefer') - - server['options'] = options - ntp['servers'].append(server) - - return ntp - -def verify(ntp): - # bail out early - looks like removal from running config - if ntp is None: - return None - - # Configuring allowed clients without a server makes no sense - if len(ntp['allowed_networks']) and not len(ntp['servers']): - raise ConfigError('NTP server not configured') - - for n in ntp['allowed_networks']: - try: - addr = ipaddress.ip_network( n['network'] ) - break - except ValueError: - raise ConfigError("{0} does not appear to be a valid IPv4 or IPv6 network, check host bits!".format(n['network'])) - - return None - -def generate(ntp): - # bail out early - looks like removal from running config - if ntp is None: - return None - - tmpl = jinja2.Template(config_tmpl) - config_text = tmpl.render(ntp) - with open(config_file, 'w') as f: - f.write(config_text) - - return None - -def apply(ntp): - if ntp is not None: - os.system('sudo /usr/sbin/invoke-rc.d ntp force-reload') - else: - # NTP suuport is removed in the commit - os.system('sudo /usr/sbin/invoke-rc.d ntp stop') - os.unlink(config_file) - - return None - -if __name__ == '__main__': - try: - c = get_config() - verify(c) - generate(c) - apply(c) - except ConfigError as e: - print(e) - sys.exit(1) |